Cyberattacks hit US, South Korea

From the Associated Press:

SEOUL, South Korea – South Korean intelligence officials believe North Korea or pro-Pyongyang forces committed cyber attacks that paralyzed major South Korean and U.S. government Web sites, aides to two lawmakers said Wednesday.

The sites of 11 South Korean organizations, including the presidential Blue House and the Defense Ministry, went down or had access problems since late Tuesday, according to the state-run Korea Information Security Agency. Agency spokeswoman Ahn Jeong-eun said 11 U.S. sites suffered similar problems. She said the agency is investigating the case with police and prosecutors.

In the U.S., the Treasury Department, Secret Service, Federal Trade Commission and Transportation Department Web sites were all down at varying points over the July 4 holiday weekend and into this week, according to American officials inside and outside the government.

Others familiar with the U.S. outage, which is called a denial of service attack, said that the fact that the government Web sites were still being affected three days after it began signaled an unusually lengthy and sophisticated attack. The officials spoke on condition of anonymity because they were not authorized to speak on the matter.

At first glance, this sounds very familiar to the cyberattacks that hit Estonia in spring of 2007 that threatened to shut down the entire country's infrastructure.  When I first started reading about the attacks, it looked like a deliberate attempt by Russia to rein in a "rogue" (ish) country for taking down a World War II memorial.

But as I researched it further, it looked more like a rogue attempt by a few upset Russians to start a cyber-riot.  It was a politician's assistant (in the Russian Duma) who organized some people to start a DDoS attack on Estonia's infrastructure.  In other words, the simpler explanation is that a bunch of nationalistic geeks got together and dot.bombed Estonia as an act of revenge. 

So, was this a deliberate act by North Korea?  Or was it just a lone gunman?  North Korea is a very closed society so it's difficult to say.

I like All Spammed Up's take on this.  Quoting an official within the government of the US:

These are very basic attacks and stuff we’ve seen for a very long time. The scale of these isn’t very huge either,” said one security expert, who spoke on condition of anonymity because he wasn’t authorized to discuss the matter publicly. “It’s embarrassing that these sites have been hit for four or five days and they’re still being affected. Think of the money that eBay and Amazon would lose in four to five days of this."

Indeed.  It sure seems like the Department of Defense is notoriously behind the times.  Whether it's a prank or not, to be able to take down government sites for days on end while commercial applications would have simple resiliency is a little disturbing.

Skip to main content